Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2019-14407
cPanel prior to 78.0.2 reveals internal data to OpenID providers (SEC-415).
Cpanel Cpanel
1 Github repository
4.3
CVSSv3
CVE-2019-14408
cPanel prior to 78.0.2 allows a demo account to link with an OpenID provider (SEC-460).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-14409
cPanel prior to 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14410
Maketext in cPanel prior to 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
Cpanel Cpanel
5.3
CVSSv3
CVE-2019-14411
cPanel prior to 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14412
Maketext in cPanel prior to 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).
Cpanel Cpanel
4.3
CVSSv3
CVE-2019-14413
cPanel prior to 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14414
In cPanel prior to 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478).
Cpanel Cpanel
6.1
CVSSv3
CVE-2018-16236
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
Cpanel Cpanel
7.2
CVSSv3
CVE-2021-38584
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows XXE attacks (SEC-585).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »